Workshop

New Frontiers in Adversarial Machine Learning

Sijia Liu · Pin-Yu Chen · Dongxiao Zhu · Eric Wong · Kathrin Grosse · Hima Lakkaraju · Sanmi Koyejo

Project Page

Abstract

Adversarial machine learning (AdvML), which aims at tricking ML models by providing deceptive inputs, has been identified as a powerful method to improve various trustworthiness metrics (e.g., adversarial robustness, explainability, and fairness) and to advance versatile ML paradigms (e.g., supervised and self-supervised learning, and static and continual learning). As a consequence of the proliferation of AdvML-inspired research works, the proposed workshop–New Frontiers in AdvML–aims to identify the challenges and limitations of current AdvML methods and explore new prospective and constructive views of AdvML across the full theory/algorithm/application stack. The workshop will explore the new frontiers of AdvML from the following new perspectives: (1) advances in foundational AdvML research, (2) principles and practice of scalable AdvML, and (3) AdvML for good. This will be a full-day workshop, which accepts full paper submissions (up to 6 pages) as well as “blue sky” extended abstract submissions (up to 2 pages).

Video

Chat is not available.

Schedule

Timezone: America/Los_Angeles

5:50 AM

Opening Remarks Opening Remarks

6:00 AM

Adversarial attacks on deep learning : Model explanation & transfer to the physical world Talk

Ajmal Mian

Video

Link

6:30 AM

A tale of adversarial attacks & out-of-distribution detection stories in the activation space Talk

Celia Cintas

Video

Link

7:00 AM

Model Transferability With Responsive Decision Subjects Poster

Yang Liu · Yatong Chen · Zeyu Tang · Kun Zhang

Video

7:06 AM

What is a Good Metric to Study Generalization of Minimax Learners? Poster

Asuman Ozdaglar · Sarath Pattathil · Jiawei Zhang · Kaiqing Zhang

Video

7:12 AM

Toward Efficient Robust Training against Union of Lp Threat Models Poster

Gaurang Sriramanan · Maharshi Gor · Soheil Feizi

Video

7:18 AM

On the interplay of adversarial robustness and architecture components: patches, convolution and attention Poster

Francesco Croce · Matthias Hein

Video

7:30 AM

Machine Learning Security: Lessons Learned and Future Challenges Talk

Battista Biggio

Video

Link

8:00 AM

What Can the Primate Brain Teach Us about Robust Object Recognition? Talk

Joel Dapello

Video

Link

8:30 AM

Poster Session Poster Session

9:00 AM

Lunch Lunch

10:00 AM

New adversarial ML applications on safety-critical human-robot systems Talk

Changliu Liu

Video

Link

10:30 AM

Dr. Aleksander Madry's Talk Talk

Aleksander Madry

Video

Link

11:00 AM

Overcoming Adversarial Attacks for Human-in-the-Loop Applications Blue Sky Idea

Ryan McCoppin · Sean Kennedy · Platon Lukyanenko · Marla Kennedy

Video

11:05 AM

Ad Hoc Teamwork in the Presence of Adversaries Blue Sky Idea

Ted Fujimoto · Samrat Chatterjee · Auroop R Ganguly

Video

11:10 AM

Learner Knowledge Levels in Adversarial Machine Learning Blue Sky Idea

Sophie Dai · Prateek Mittal

Video

11:19 AM

Easy Batch Normalization Blue Sky Idea

Arip Asadulaev · Alexander Panfilov · Andrey Filchenkov

Video

11:23 AM

Adversarial Training Improve Joint Energy-Based Generative Modelling Blue Sky Idea

Rostislav Korst · Arip Asadulaev

Video

11:27 AM

Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence Blue Sky Idea

Arip Asadulaev · Alexander Panfilov · Andrey Filchenkov

Video

11:30 AM

Robust physical perturbation attacks and defenses for deep learning visual classifiers Talk

Atul Prakash

Video

Link

12:00 PM

Adversarial Robustness and Cryptography Talk

Somesh Jha

Video

Link

12:30 PM

Poster Session Poster Session

2:00 PM

Closing Remarks Closing Remarks

Rethinking Multidimensional Discriminator Output for Generative Adversarial Networks Poster

Mengyu Dai · Haibin Hang · Anuj Srivastava

Generative Models with Information-Theoretic Protection Against Membership Inference Attacks Poster

Parisa Hassanzadeh · Robert Tillman

Video

Availability Attacks on Graph Neural Networks Poster

Shyam Tailor · Miguel Tairum Cruz · Tiago Azevedo · Nic Lane · Partha Maji

Video

Robust Models are less Over-Confident Poster

Julia Grabinski · Paul Gavrikov · Janis Keuper · Margret Keuper

Video

Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO Poster

Javier Rando · Thomas Baumann · Nasib Naimi · Max Mathys

Video

Distributionally Robust counterfactual Explanations via an End-to-End Training Approach Poster

Hangzhi Guo · Feiran Jia · Jinghui Chen · Anna Squicciarini · Amulya Yadav

Video

Meta-Learning Adversarial Bandits Poster

Nina Balcan · Keegan Harris · Mikhail Khodak · Steven Wu

Boosting Image Generation via a Robust Classifier Poster

Roy Ganz · Michael Elad

Why adversarial training can hurt robust accuracy Poster

jacob clarysse · Julia Hörrmann · Fanny Yang

Video

Superclass Adversarial Attack Poster

Soichiro Kumano · Hiroshi Kera · Toshihiko Yamasaki

Video

Individually Fair Learning with One-Sided Feedback Poster

Yahav Bechavod · Aaron Roth

Video

Multi-Task Federated Reinforcement Learning with Adversaries Poster

Aqeel Anwar · Zishen Wan · Arijit Raychowdhury

Video

Adversarial Cheap Talk Poster

Christopher Lu · Timon Willi · Alistair Letcher · Jakob Foerster

Thinking Two Moves Ahead: Anticipating Other Users Improves Backdoor Attacks in Federated Learning Poster

Yuxin Wen · Jonas Geiping · Liam Fowl · Hossein Souri · Rama Chellappa · Micah Goldblum · Tom Goldstein

Video

Synthetic Dataset Generation for Adversarial Machine Learning Research Poster

Xiruo Liu · Shibani Singh · Cory Cornelius · Colin Busho · Mike Tan · Anindya Paul · Jason Martin

Video

Making Corgis Important for Honeycomb Classification: Adversarial Attacks on Concept-based Explainability Tools Poster

Davis Brown · Henry Kvinge

Video

Do Perceptually Aligned Gradients Imply Adversarial Robustness? Poster

Roy Ganz · Bahjat Kawar · Michael Elad

Make Some Noise: Reliable and Efficient Single-Step Adversarial Training Poster

Pau de Jorge Aranda · Adel Bibi · Riccardo Volpi · Amartya Sanyal · Phil Torr · Gregory Rogez · Puneet Dokania

Video

Catastrophic overfitting is a bug but also a feature Poster

Guillermo Ortiz Jimenez · Pau de Jorge Aranda · Amartya Sanyal · Adel Bibi · Puneet Dokania · Pascal Frossard · Gregory Rogez · Phil Torr

Fair Universal Representations using Adversarial Models Poster

Monica Welfert · Peter Kairouz · Jiachun Liao · Chong Huang · Lalitha Sankar

Video

Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch Poster

Hossein Souri · Liam Fowl · Rama Chellappa · Micah Goldblum · Tom Goldstein

Early Layers Are More Important For Adversarial Robustness Poster

Can Bakiskan · Metehan Cekic · Upamanyu Madhow

Video

Provably Adversarially Robust Detection of Out-of-Distribution Data (Almost) for Free Poster

Alexander Meinke · Julian Bitterwolf · Matthias Hein

Video

Attacking Adversarial Defences by Smoothing the Loss Landscape Poster

Panagiotis Eustratiadis · Henry Gouk · Da Li · Timothy Hospedales

Video

Sound randomized smoothing in floating-point arithmetics Poster

Václav Voráček · Matthias Hein

Video

Robustness in deep learning: The width (good), the depth (bad), and the initialization (ugly) Poster

Zhenyu Zhu · Fanghui Liu · Grigorios Chrysos · Volkan Cevher

Video

Riemannian data-dependent randomized smoothing for neural network certification Poster

Pol Labarbarie · Hatem Hajri · Marc Arnaudon

Adversarial robustness of $\beta-$VAE through the lens of local geometry Poster

Asif Khan · Amos Storkey

Video

``Why do so?'' --- A practical perspective on adversarial machine learning Poster

Kathrin Grosse · Lukas Bieringer · Tarek R. Besold · Battista Biggio · Katharina Krombholz

Video

Adversarial Estimation of Riesz Representers Poster

Victor Chernozhukov · Whitney Newey · Rahul Singh · Vasilis Syrgkanis

Saliency Guided Adversarial Training for Tackling Generalization Gap with Applications to Medical Imaging Classification System Poster

Xin Li · Yao Qiang · CHNEGYIN LI · Sijia Liu · Dongxiao Zhu

Video

Self-Destructing Models: Increasing the Costs of Harmful Dual Uses in Foundation Models Poster

Eric Mitchell · Peter Henderson · Christopher Manning · Dan Jurafsky · Chelsea Finn

Video

Illusionary Attacks on Sequential Decision Makers and Countermeasures Poster

Tim Franzmeyer · Joao Henriques · Jakob Foerster · Phil Torr · Adel Bibi · Christian Schroeder

Video

Can we achieve robustness from data alone? Poster

Julia Kempe · Nikolaos Tsilivis · Jingtong Su

Video

Gradient-Based Adversarial and Out-of-Distribution Detection Poster

Jinsol Lee · Mohit Prabhushankar · Ghassan AlRegib

Video

Investigating Why Contrastive Learning Benefits Robustness against Label Noise Poster

Yihao Xue · Kyle Whitecross · Baharan Mirzasoleiman

Layerwise Hebbian/anti-Hebbian (HaH) Learning In Deep Networks: A Neuro-inspired Approach To Robustness Poster

Metehan Cekic · Can Bakiskan · Upamanyu Madhow

Video

Efficient and Effective Augmentation Strategy for Adversarial Training Poster

Sravanti Addepalli · Samyak Jain · Venkatesh Babu Radhakrishnan

Video

Robust Empirical Risk Minimization with Tolerance Poster

Robi Bhattacharjee · Max Hopkins · Akash Kumar · Hantao Yu · Kamalika Chaudhuri

Towards Out-of-Distribution Adversarial Robustness Poster

Adam Ibrahim · Charles Guille-Escuret · Ioannis Mitliagkas · Irina Rish · David Krueger · Pouya Bashivan

Video

Reducing Exploitability with Population Based Training Poster

Pavel Czempin ·

Video

RUSH: Robust Contrastive Learning via Randomized Smoothing Poster

Yijiang Pang · Boyang Liu · Jiayu Zhou

Welcome to New Frontiers in Adversarial Machine Learning@ICML 2022! Introduction

Yuguang Yao

Dr. Nitesh Chawla's Talk Talk

Nitesh Chawla

Link